package com.ark.cloud.dataservices.modules.sys.controller;

import com.alibaba.fastjson.JSONArray;
import com.ark.cloud.dataservices.common.utils.IpUtils;
import com.ark.cloud.dataservices.common.web.entity.Result;
import com.ark.cloud.dataservices.modules.sys.entity.form.DataOperationForm;
import com.ark.cloud.dataservices.modules.sys.service.IDataOperationService;
import com.ark.cloud.dataservices.modules.sys.service.ISeatService;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

@Slf4j
@RestController
@RequestMapping("/dataservice")
public class DataOperationController {

    final IDataOperationService dataOperationService;
    final ISeatService seatService;

    public DataOperationController(IDataOperationService dataOperationService, ISeatService seatService) {
        this.dataOperationService = dataOperationService;
        this.seatService = seatService;
    }

    @SuppressWarnings("BooleanMethodIsAlwaysInverted")
    private boolean auth(HttpServletRequest request) {
        String ipAddr = IpUtils.getIpAddr(request);
        log.debug("From IP: {}", ipAddr);
        String license = request.getHeader("Authorization");
        if(StringUtils.isBlank(license)){
            log.warn("License is blank");
            return false;
        }
        String seatIp = seatService.getIpAddrByLicense(license);
        if (seatIp.equals("0.0.0.0")) {
            return true;
        }
        if (!seatIp.equals(ipAddr)) {
            log.warn("IP 不匹配，席位 IP: {}, 访问 IP: {}", seatIp, ipAddr);
            return false;
        }
        return true;
    }

    /**
     * 查询数据
     */
    @PostMapping("/select")
    public Result<?> select(HttpServletRequest request, @RequestBody DataOperationForm form) {
        if (!auth(request)) {
            return Result.fail(50000, "License 验证失败");
        }
        if (!form.getStatement().trim().toLowerCase().startsWith("select")) {
            return Result.fail(50000, "使用非查询语句调用查询接口");
        }
        JSONArray data = dataOperationService.excuteDQL(form.getStatement());
        return Result.success(data);
    }

    /**
     * 更新数据
     */
    @PostMapping("/update")
    public Result<?> update(HttpServletRequest request, @RequestBody DataOperationForm form) {
        if (!auth(request)) {
            return Result.fail(50000, "License 验证失败");
        }
        if (!form.getStatement().trim().toLowerCase().startsWith("update")) {
            return Result.fail("使用非更新语句调用更新接口");
        }
        return Result.success(dataOperationService.excuteDML(form.getStatement()) ? "更新成功" : "更新失败");
    }

    /**
     * 删除数据
     */
    @PostMapping("/delete")
    public Result<?> delete(HttpServletRequest request, @RequestBody DataOperationForm form) {
        if (!auth(request)) {
            return Result.fail(50000, "License 验证失败");
        }
        if (!form.getStatement().trim().toLowerCase().startsWith("delete")) {
            return Result.fail("使用非删除语句调用删除接口");
        }
        return Result.success(dataOperationService.excuteDML(form.getStatement()) ? "删除成功" : "删除失败");
    }

    /**
     * 插入数据
     */
    @PostMapping("/insert")
    public Result<?> insert(HttpServletRequest request, @RequestBody DataOperationForm form) {
        if (!auth(request)) {
            return Result.fail(50000, "License 验证失败");
        }
        if (!form.getStatement().trim().toLowerCase().startsWith("insert")) {
            return Result.fail("使用非插入语句调用插入接口");
        }
        return Result.success(dataOperationService.excuteDML(form.getStatement()) ? "插入成功" : "插入失败");
    }

}
